It’s never been easy to keep up with the cybersecurity solutions market. Between marketing buzzwords, an endless stream of acronyms, and overpromised efficiencies, security professionals have long struggled to navigate the sea of solutions presented to them. This is why analyst reports can be seen as a necessary compass, especially when it comes to the Managed Detection and Response (MDR) market.
These reports can help security organizations better understand:
With a clearer understanding, cybersecurity leaders can have a more informed buying process and establish a stronger partnership with their MDR providers. This will lead to better protection and confidence in the relationship moving forward.
We’ve read over Forrester’s recent Managed Detection And Response Services Landscape In Europe, Q3 2023 report and have highlighted some of our key takeaways and insights.
This report is a pivotal analysis in our industry. It not only highlights the significant advantages of MDR for customers but also offers guidance for those seeking an MDR solution. The report provides insights into market dynamics and trends, and categorizes MDR providers based on geographic focus, industry, and key business scenarios.
What classifies as a leading MDR provider? The question is simple but the answer can be complicated. One thing’s for sure, organizations should prioritize top performers in the MDR space and not just settle for average.
A subpar MDR provider might not offer the thorough detection and response features needed, leading an organization to fall short of its desired cyber resilience. This can elevate the company's risk, because it might believe it is more secure than it truly is.
This is why the response aspect of the provider is so crucial. Cybersecurity incidents should be considered an inevitability, so a big differentiator for an MDR provider should be its response capabilities. Detection alone won’t remedy the operational burdens that many cybersecurity organizations deal with (such as alert fatigue and the talent gap). Response is crucial for ensuring organizations get the most value from their MDR providers.
“A lot of providers are legacy MSSPs with a sticker, or glorified syslog handlers that have rudimentary or no response capabilities beyond VirusTotal signature checks…The best MDR providers have to excel at response. If they want to stay relevant, they’ll need to deliver responses in line with detection as clients want more than process stops. In addition, providers that filter false positives and “batch” related alerts will stand out because alert fatigue is still a major problem. In a similar vein, proactive human-driven threat hunting capabilities are a major differentiator as customers need help with the unknown unknowns.”
“Response is a crucial feature of any Managed Detection and Response service. Alerts are just alerts if there is no cohesive response strategy behind it – that’s what makes MDR so unique. Be it responding via pre-approved actions, fully mitigating a threat, or providing guidance on an incident response plan, MDR is focused on quickly and intelligently responding to mitigate business impact.”
It’s easy for an MDR provider to market itself as a top performer and overpromise on its capabilities, so how can a decision-maker appropriately vet an MDR provider to understand how effective its response capabilities are? Specificity matters here.
Diving into the operational details of an MDR provider will enhance an organization’s comprehension of the services involved. If they’re unable to answer your questions with specific details, it’s probable that their performance isn’t on par with industry leaders.
Forrester recommends obtaining customer references and case studies that serve as evidence of the provider’s services, while also evaluating its threat hunting and research capabilities. Proactive threat hunting and independent research not only speak to a provider’s commitment to cybersecurity but also ensure that it is on top of the latest attacks and can handle any potential zero-day vulnerabilities that are most threatening to organizations.
“Run through real or simulated incidents to evaluate the clarity, frequency, and comprehensiveness of their incident reports. Consider…response time, communication channels, integration with your toolsets, and escalation procedures [and] how quickly actionable information is presented…”
“Proactive, human-led threat hunting should be a part of an MDR provider’s DNA and one of its primary differentiators. The provider’s security team should continuously monitor all aspects of the global threat landscape, using the knowledge gained to drive threat hunts across their customers’ systems. Then they can apply their knowledge of cyber threats, geopolitical activity, and vertical-specific data trends to each of their customers’ environments, allowing them to create individualized, dynamic threat models.”
Using an MDR can influence related operations like cyber insurance acquisition. Therefore, it's crucial to collaborate with a provider who understands its significance beyond just the cybersecurity realm.
Cyber insurance premiums are increasing, surging as high as 50% due to increased payouts, and insurers are demanding more and more from an organization before they’re willing to provide coverage. An MDR partnership can be leveraged as part of the cyber insurance procurement process in the same way it can be used to demonstrate an organization’s commitment to cyber resiliency and data protection standards for regulatory purposes.
Top performers should know their impact on these areas and address any priorities related to cyber insurance as well as any regulatory changes or requirements that may come into play, such as the EU’s NIS2.
“As insurers seek more tangible attestations of a customer’s state prior to onboarding, they’ll turn to MDR providers and tap into their visibility of customer environments. Customers will also attempt to use the information to negotiate better premiums. With European threat actors increasing their extortion activities and insurance providers tightening purse strings, MDR providers can help organizations identify key gaps, respond quicker, and increase maturity.”
“The cyber insurance market has hardened, meaning cyber insurance is both harder and more expensive to obtain. MDR attempts to assuage these pain points by providing 24x7 security monitoring and response and enhanced visibility, thus empowering MDR customers with unassailable documentation and proof of cyber resilience.”
The popularity of the MDR market has become a double-edged sword for many purchasers. The wide availability of providers is undoubtedly a good thing for organizations looking to bolster their cybersecurity capabilities. However, the crowded market has made it difficult to properly sift through dozens, if not hundreds, of vendors that tout themselves as top providers.
Market guides and reports made available by analysts like Forrester can give guidance to a cybersecurity leader who’s looking to make their MDR provider partnership a key component of their cybersecurity strategy.
Bitdefender was listed by Forrester as a “Notable Provider” in Forrester’s Managed Detection And Response Services Landscape In Europe, Q3 2023 report where our industry focus was listed as education and social services, healthcare, and industrial products, and our type of offering as a general-purpose platform that can be used to build any domain application.
Our MDR and XDR solutions offer companies Security as a Service, providing customers with a team of elite security analysts, researchers, and threat hunters working 24/7. This reduces operational burden while improving prevention, detection, and response performance via the GravityZone platform and advanced attack detection tailored to each customer’s threat profile.
To learn more about Bitdefender MDR, visit our MDR product page.
Access a complimentary copy of The Managed Detection And Response Services Landscape In Europe, Q3 2023 report by Forrester Research here.
Bitdefender is a cybersecurity leader delivering best-in-class threat prevention, detection, and response solutions worldwide. Guardian over millions of consumer, enterprise, and government environments, Bitdefender is one of the industry’s most trusted experts for eliminating threats, protecting privacy, digital identity and data, and enabling cyber resilience. With deep investments in research and development, Bitdefender Labs discovers hundreds of new threats each minute and validates billions of threat queries daily. The company has pioneered breakthrough innovations in antimalware, IoT security, behavioral analytics, and artificial intelligence and its technology is licensed by more than 180 of the world’s most recognized technology brands. Founded in 2001, Bitdefender has customers in 170+ countries with offices around the world.